loop after loop conditional


Jerry Jerry

May 20, 2020, 3:21:31 PM
to Ansible Project
Trying to check if a user exists locally and, if true, check to see if it has sudo rights.  I can't seem to process the second loop.  I tried using out.results.item but got this error:

fatal: [hostname]: FAILED! => {"msg": "'list object' has no attribute 'item'"}

---
- hosts: all
  gather_facts: no
  become: yes
  tasks:
     - name: check user exists
       command: grep {{ item }} /etc/passwd
       failed_when: False
       register: out
       with_items:
         - user1
         - user2 
         - user3

     - debug:
         var: out

     - name: check if existing user is in sudoers
       command: grep {{ item }} /etc/sudoers
       with_items: "{{ out.results }}"
       register: message

     - debug:
         var: message

Dick Visser

May 20, 2020, 3:49:30 PM
to ansible...@googlegroups.com
You forgot the output.
Also, what is your high-level goal?
Why do you need to know if a user exists and has sudo permission?

--
Sent from a mobile device - please excuse the brevity, spelling and punctuation.

Jerry Jerry

May 20, 2020, 3:58:07 PM
to Ansible Project
My bigger question is how to run a loop with with_items then process the output in the second play.

The objective is to see if user1, user2, user3 exist locally and make sure they have sudo rights.

When my play tries to process out.results.item:

     - name: check if existing user is in sudoers
       command: grep {{ item }} /etc/sudoers
       with_items: "{{ out.results.item }}"
       register: message

TASK [check if existing user is in sudoers] ****************************************************************************************************************************************************************
fatal: [hostname]: FAILED! => {"msg": "'list object' has no attribute 'item'"}
        to retry, use: --limit @/opt/rhel-ansible/check_sudo_users.retry

Jerry Jerry

May 20, 2020, 3:59:42 PM
to Ansible Project
If I leave the playbook like this:

     - name: check if existing user is in sudoers
       command: grep {{ item }} /etc/sudoers
       with_items: "{{ out.results }}"
       register: message


it attempts to run a grep on all output from out.results.

Dick Visser

May 20, 2020, 6:02:45 PM
to ansible...@googlegroups.com
On Wed, 20 May 2020 at 21:58, Jerry Jerry <jer...@gmail.com> wrote:
My bigger question is how to run a loop with with_items then process the output in the second play.

The objective is to see if user1, user2, user3 exist locally and make sure they have sudo rights.


Jerry Jerry

May 20, 2020, 7:44:03 PM
to ansible...@googlegroups.com
This almost works but I can't make it skip when the grep root /etc/password fails.  I don't understand how to access out.rc when using a loop.  My when statement doesn't work.  I am not as interested in this task as I am in pulling rc from a loop then using it in the next loop.

---
- hosts: all
  gather_facts: no
  become: yes
  vars:
    check_users:
      - root
      - admin
      - oracle


  tasks:
  - name: check user exists
    shell: grep {{ item }} /etc/passwd
    failed_when: False
    register: out
    with_items: "{{ check_users }}"



  - name: check if existing user is in sudoers
    command: grep {{ item }} /etc/sudoers
    failed_when: False
#    when: item.1.rc == 0
    register: check_sudoers
    with_items: "{{ check_users }}"

  - debug:
      var: check_sudoers
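
One way to carry each item's return code from a registered loop into a second loop, as an added example that is not part of the original thread. A task registered under a loop stores a list in `results`; each element holds that iteration's `rc` and the original loop value in `item`. The anchored grep patterns and the final `report` task are assumptions of this example.

```yaml
---
# Added example (not from the thread). The second loop iterates over the
# registered results of the first, so each item carries both the original
# loop value (item.item) and that iteration's return code (item.rc).
- hosts: all
  gather_facts: no
  become: yes
  vars:
    check_users:          # same sample names as in the post above
      - root
      - admin
      - oracle

  tasks:
    - name: check user exists
      # Anchored pattern: match the login field only, not any substring
      command: grep -q "^{{ item }}:" /etc/passwd
      register: out
      failed_when: out.rc > 1      # rc 1 = no match, rc 2 = real grep error
      changed_when: false
      loop: "{{ check_users }}"

    - name: check if existing user is in sudoers
      # item is one element of out.results; item.item is the user name
      command: grep -Eq "^{{ item.item }}[[:space:]]" /etc/sudoers
      register: check_sudoers
      failed_when: check_sudoers.rc > 1
      changed_when: false
      when: item.rc == 0           # skip users that were not found above
      loop: "{{ out.results }}"
      loop_control:
        label: "{{ item.item }}"   # keep the task log readable

    - name: report
      debug:
        msg: "{{ item.item.item }} in sudoers: {{ item.rc == 0 }}"
      when: item is not skipped    # skipped results carry no rc
      loop: "{{ check_sudoers.results }}"
      loop_control:
        label: "{{ item.item.item }}"
```

A grep of /etc/sudoers only sees rules that name the user directly in that file; rights granted through a group entry or a file under /etc/sudoers.d are not detected by this check.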
